Re: [Lwip] Magnus Westerlund's Discuss on draft-ietf-lwig-curve-representations-19: (with DISCUSS)

Mohit Sethi M <mohit.m.sethi@ericsson.com> Thu, 18 February 2021 14:16 UTC

From: Mohit Sethi M <mohit.m.sethi@ericsson.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>, Rene Struik <rstruik.ext@gmail.com>
CC: Magnus Westerlund <magnus.westerlund@ericsson.com>, "lwip@ietf.org" <lwip@ietf.org>, Mohit Sethi M <mohit.m.sethi@ericsson.com>, "iesg@ietf.org" <iesg@ietf.org>, "lwig-chairs@ietf.org" <lwig-chairs@ietf.org>, "draft-ietf-lwig-curve-representations@ietf.org" <draft-ietf-lwig-curve-representations@ietf.org>
Date: Thu, 18 Feb 2021 14:16:31 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/HGtWX1x4VYYZG52IjeoYq3Fj-1o>

Hi Murray, IESG,

Sorry for the somewhat long email but I thought it is worth elaborating on the history of this document a little. I guess many of us struggled with the question if LWIG is the right venue before this document was adopted. Suresh (AD at the time of adoption), Ben Kaduk, and I (co-chair) did note that this draft is crypto-dense. Ben in 2019 asked:

Hi all,

I happened to see the IoTdir review of
draft-ietf-lwig-curve-representations go by, and was kind of struck by how
math/crypto-dense it was (and how long it was).  It's really the sort of
thing I expect to see come out of CFRG, and doesn't strike me as really
LWIG's core competency.

Could you say a bit more about why it's being pursued in LWIG?

Thanks,

Ben

and Suresh responded:

Yes. It has been very concerning to me and I did raise my concern several times with the IESG including the last time at the IESG wrap up meeting for Prague on March 29. I was also concerned about the crypto heavy nature and proceeded based on the Stanislav Smyshlyaev review from the Crypto Review panel. I had also specifically asked for a SecDir review before I send this off to IETF LC but the Sec Dir review due on 10/04 has not arrived yet. I will let Mohit and Zhen make the call, but if you think the cfrg would be a good venue for this I would personally be happy to approve the move.

Thanks
Suresh

I think some of our concerns were assuaged because this draft was sent to the IETF Crypto Review Panel (https://trac.ietf.org/trac/irtf/wiki/Crypto%20Review%20Panel) through Alexey Melnikov. Stanislav Smyshlyaev reviewed the document and the formulae. I believe comments from the Crypto Review Panel were addressed by Rene.

Ben later responded:

Hi Mohit,

I didn't know that Stanislav had done a crypto review (or rather, I forgot,
since I think I am on that mailing list as a courtesy); he does good work,
and that alleviates most of my concerns.

My gut feeling remains that CFRG is "more appropriate" in some abstract
sense, but it's not clear that the benefit of moving the document is worth
any gains that might be had.  Hopefully one of us can remember to forward
the IETF LC note to the CFRG when that happens, which should be enough
awareness there.

Thanks for the extra background,

Ben

LWIG has done lots of security related RFCs and drafts:

RFC 7815: Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation: https://datatracker.ietf.org/doc/rfc7815/
RFC 8387: Practical Considerations and Implementation Experiences in Securing Smart Object Networks: https://datatracker.ietf.org/doc/rfc8387/
draft-ietf-lwig-minimal-esp: Minimal ESP: https://datatracker.ietf.org/doc/draft-ietf-lwig-minimal-esp/

When Rene's draft was adopted, there were no IANA registrations (https://tools.ietf.org/html/draft-ietf-lwig-curve-representations-00#section-5). As it happens sometimes, the scope of the work expanded after working group adoption and perhaps everyone involved could have been more diligent. I understand the IESG concerns about LWIG charter not covering this work item precisely. But as an individual contributor: I think we are at a point of diminishing returns and pursuing this document elsewhere is perhaps not the best choice. I like Carsten's suggestion of reverting this document to informational and allowing some values to be registered even if they require standards action. Carsten explains the logic rather nicely here: https://mailarchive.ietf.org/arch/msg/cose/g8UaczrsG6zHqR6qDIxRt-JJMtM/

Obviously, you, the IESG members, have way more experience than me and I'll follow your recommendations here (both as co-chair and document shepherd).

--Mohit

On 2/18/21 4:29 AM, Murray S. Kucherawy wrote:
On Wed, Feb 17, 2021 at 10:57 AM Rene Struik <rstruik.ext@gmail.com> wrote:
I am sure you have much more process experience than I do. However, I have trouble understanding how having an IANA section makes this suddenly a process violation. Do I understand correctly that, in your mind, this process issue would be moot if I would simply partition the doc into two parts A and B, where C:=A+B is the current document and where A=C\B and B:={Section 12.2, Section 12.3}?

[...]

I simply would like to understand, since I do not right now.

Hopefully this helps rather than muddies things further, and Magnus (and Erik, and Ben, etc.) can correct me if I'm wrong:

The first issue: The Last Call announcement for this document indicated that the working group wants it to have Informational status when published.  After that Last Call was completed, our procedures assert that the document, with any Last Call feedback worked into it, has IETF consensus to be published with that specific status.  Changing the status being sought to Standards Track without also running a new Last Call saying so violates our procedures; the document can't go forward unless that status change is reverted, or a second Last Call is done indicating the new intended status.  This point has nothing at all to do with the content of the document, but rather the path it has followed through the process so far.

The second issue: The LWIG working group does not appear (on a cursory read) to be chartered to produce a document that does this sort of work with cryptographic algorithms.  Since a working group's charter is in effect a contract between the working group and the IESG to describe exactly the work it will produce, the delta between what this document is doing and what LWIG's charter says is large enough that this is something worthy of discussion and resolution before the document should advance.  If the charter is wrong, let's renegotiate it; if this work needs to be done in a different venue, let's make that arrangement; etc.

I believe Magnus is right to put the brakes on until these issues are sorted out.

-MSK


